Open Source Project Security Baseline Scanner
The action at https://github.com/revanite-io/osps-baseline-action has been updated to version v1.2.0.
- This action is used across all versions by 16 repositories.
Action Type
This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
Action Summary
This GitHub Action enables automated security assessments of repositories using the Open Source Project Security (OSPS) Baseline. It evaluates repositories against defined security controls, generates results in multiple formats (YAML, JSON, or SARIF), and can upload findings to GitHub’s Security tab for integration into security workflows. This action streamlines compliance checks and enhances repository security by identifying potential vulnerabilities.
Release notes
What’s Changed
- fix: use GHCR image reference by @jmeridth in https://github.com/revanite-io/osps-baseline-action/pull/7
- fix: Standardize repository features by @jmeridth in https://github.com/revanite-io/osps-baseline-action/pull/8
- chore(deps): bump github/codeql-action from 4.31.9 to 4.32.3 in the dependencies group by @dependabot[bot] in https://github.com/revanite-io/osps-baseline-action/pull/9
New Contributors
- @jmeridth made their first contribution in https://github.com/revanite-io/osps-baseline-action/pull/7
- @dependabot[bot] made their first contribution in https://github.com/revanite-io/osps-baseline-action/pull/9
Full Changelog: https://github.com/revanite-io/osps-baseline-action/compare/v1.1.0...v1.2.0